Requesting additional scopes after sign-in

Your app can request additional scopes any time after the initial scopes have been granted. In this case, only those additional scopes will appear in the user's consent screen. Your app should request all previously granted scopes with these additional scopes to ensure your app proceeds with all the access it expects.

Before you begin

You must complete the basic Google Sign-In integration.

Checking which scopes have been granted

To check which scopes have already been granted to your app, use the grantedScopes property of GIDGoogleUser:

NSString *driveScope = @“https://www.googleapis.com/auth/drive.readonly”;
GIDGoogleUser *user = [GIDSignIn sharedInstance].currentUser;
// Check if the user has granted the Drive scope
if (![user.grantedScopes containsObject:driveScope]) {
  // request additional drive scope
}

Based on whether or not a certain scope has been granted by the user, you might need to make a request for an additional scope in order to support a particular interaction.

Requesting additional scopes

To request additional scopes, append the new scopes to the scopes property of the GIDSignIn shared instance, then call the signIn method to request consent. For example, to request read-only access to a user's Drive:

NSArray *currentScopes = [GIDSignIn sharedInstance].scopes;
[GIDSignIn sharedInstance].scopes = [currentScopes arrayByAddingObject:driveScope];
// Set loginHint to skip the account chooser.
[GIDSignIn sharedInstance].loginHint = user.profile.email;

[[GIDSignIn sharedInstance] signIn];

You might use this technique if you suspect users are avoiding sign-in because your consent screen is overwhelming new users, or if you think users are confused why they are being asked for certain permissions. In either case, you can delay the additional scopes and present them just before they are needed.